1 Answer
1

If your site isn't using a vulnerable framework/blog/CMS, then you probably don't have to be overly worried about it; if they didn't find anything, it's just a waste of resources. If any of the URLs it's tried match URLs on your site, though, then the scanner has done its job -- and the person that was at that IP at the time the scan was taking place now has information on how they can break in. Check your access log for non-4xx responses to that IP during the time of the scan.

Fun part is, the IP may have changed in the past 3 days...so banning the IP at this point probably won't do much good. About the only surefire ways to keep them out are to update and/or disable the vulnerable apps, and/or take the server down.